Securing industrial control system environments: the missing piece

Procedia Computer Science, 2018

The frequency and sophistication of cyber-threats towards Industrial Control Systems (ICS) continues to increase. This reality, coupled with the increased interconnectivity of ICS and enterprise networks and the utilisation of standard system platforms and operating systems, has raised the potential risk to both the security and safety of critical infrastructure. There is a growing awareness that the safety and security of ICS cannot be dealt with in isolation, it should be considered jointly. This paper proposes a methodology that harmonises safety and security within ICS environments. The findings also indicate that efforts to harmonise safety and security extends beyond deconflicting and implementing effective technical countermeasures-nontechnical factors and the organisational context play an equally important part.

European Conference on Cyber Warfare and Security

Industrial Control Systems (ICS) comprise software, hardware, network systems, and people that manage and operate industrial processes. Supervisory Control and Data Acquisition Systems (SCADA) and Distributed Control Systems (DCS) are two of the most prevalent ICS. An ICS facilitates the effective and efficient management and operation of industrial sectors, including critical infrastructure sectors like utilities, manufacturing, and water treatment facilities. An ICS collects and integrates data from various field controllers deployed in industrial contexts, enabling operators to make data-driven decisions in managing industrial operations. Historically, ICS were isolated from the internet, functioning as part of air-gapped networks. However, the efficiency improvements brought about by the emergence of Information Technology necessitated a shift towards a more connected industrial environment. The convergence of Information and Operational Technology (IT/OT) has made ICS vulnerabl...

2011

Industrial Control Systems (ICS) that monitor and operate critical industrial infrastructure worldwide are subject to an increasing frequency of cyber attacks. Evolution of the ICS environment to include standard operating system (OS) platforms and connectivity to corporate LANs and the world-wide-web occurred in ICS environments that were insulated from the outside world by a closed, trusted network. The result is legacy systems and component devices exposed to modern external threats with weak or non-existent security mechanisms in place. The risk to ICS is gradually being addressed, but not nearly fast enough to protect from easily devised cyber attacks.

SpringerBriefs in Computer Science, 2013

and Alessandro Fasani, it's a natural follow-up of the previous paper and describes what Industrial Control Systems are, provides an analysis on what are the main vulnerabilities affecting ICS and describes the principal methodologies for attacking them. Then, the paper defines what measures could be taken in order to make ICS and Critical Infrastructures resilient. The document ends outlining what international measures are being taken in order to protect critical infrastructure and their systems.

2011

Proceedings of the VDE Kongress, 2004

Process control and SCADA systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. Unfortunately, new research indicates this complacency is misplaced -the move to open standards such as Ethernet, TCP/IP and web technologies is letting hackers take advantage of the control industry's ignorance. This paper summarizes the incident information collected in the BCIT Industrial Security Incident Database (ISID), describes a number of events that directly impacted process control systems and identifies the lessons that can be learned from these security events.

This paper describes an international research effort that has been working toward identification of vulnerabilities in industrial control systems, mitigation strategies to address vulnerabilities, and development of tools to prevent intrusion on such systems.

2017

Cyber security is a growing challenge for all organizations. In the past two decades, organizations have developed a huge amount of infrastructures based on important industrial control systems (ICS) for their businesses. A specific domain of these challenges comprises the industrial organizations that manage railway infrastructures, public utilities, nuclear plants, communication infrastructures and utilities. The aim of the paper is developing a conceptual bridge between organizational research on safety and new research program on cyber security in industrial setting. Working on data provided by an ongoing project on cyber risk in ICS, the paper suggest a preliminary framework to face with relevant questions and reflections on how the organizational social construction of safety can be in some way a good proxy to understand the sociotechnical side of cyber risk in industrial sites.

Computers & Security, 2019

Advanced Persistent Threats (APTs) have become a serious hazard for any critical infrastructure, as a single solution to protect all industrial assets from these complex attacks does not exist. It is then essential to understand what are the defense mechanisms that can be used as a first line of defense. For this purpose, this article will firstly study the spectrum of attack vectors that APTs can use against existing and novel elements of an industrial ecosystem. Afterwards, this article will provide an analysis of the evolution and applicability of Intrusion Detection Systems (IDS) that have been proposed in both the industry and academia.

International Journal of Cyber Warfare and Terrorism, 2016

Industrial control systems (ICS) or supervisory, control, and data acquisition (SCADA) systems drive many key components of the national infrastructure. It makes these control systems targets for cyber-attacks by terrorists and nation-states who wish to damage their target economically and socially, and cyber-criminals who blackmail the companies operating the infrastructure. Despite the high risk of leaving these systems exposed, providing adequate cyber-security is often challenging. The Stuxnet worm illustrated how vulnerable control systems potentially are when it bypassed a number of security mechanisms to cause physical damage to an Iranian nuclear facility. The article focuses on ICS/SCADA in South Africa discussing the unique challenges and legislation relate to securing control system in the South Africa. A governance and security framework for overcoming these challenges are proposed.